Yes, the site has been hacked, although not in such a way that anyone would notice. However, a significant number of html and php files had a large amount of commented code (nothing malicious) inserted. The files were apparently randomly targeted and the database was untouched.

The following steps were taken to remedy this situation:

(1) security access to the site (password) was changed. This should prevent future damage.(2) All impacted files were identified and replaced by clean copies from my local archives. I believe I got everything.

I don't believe in coincidences and the fact that this happened after I spent the past week at a hotel is more than a little suspicious. We like to believe that hotel networks are secure but this, I believe, is a reminder.

At any rate, if anyone notices anything odd about the site, drop me a line and I'll check it out.

Thu Sep 17, 2009 11:39 pm

ed_metal_head

Re: ReelViews HACKED!

Interesting development. I certainly would have been none the wiser if you hadn't mentioned anything. Does "commented code" mean that there was code with comments or that all the code was enclosed within comment tags (hence harmless)?

Fri Sep 18, 2009 5:41 pm

Patrick

Re: ReelViews HACKED!

ed_metal_head wrote:

Interesting development. I certainly would have been none the wiser if you hadn't mentioned anything. Does "commented code" mean that there was code with comments or that all the code was enclosed within comment tags (hence harmless)?

Interesting development. I certainly would have been none the wiser if you hadn't mentioned anything. Does "commented code" mean that there was code with comments or that all the code was enclosed within comment tags (hence harmless)?

pretty sure it's the latter

Yes - hundreds of lines of code all included within comment tags. My guess is that someone added the commented code with the intention of removing the comment tags at some point and thereby subverting the site.

The problem seems to have been nipped in the bud. No further evidence of tampering since the initial incident. I attribute the security hole as having something to do with the way I was accessing the site while I was in Toronto; password changes seem to have done the trick.

Who is online

Users browsing this forum: No registered users and 0 guests

You cannot post new topics in this forumYou cannot reply to topics in this forumYou cannot edit your posts in this forumYou cannot delete your posts in this forumYou cannot post attachments in this forum